| Author |
Message |
|
egarnel
User
Joined: Wed Dec 14, 2005 8:27 am
Posts: 87
|
 flowviewer not showing info OK,
I am getting flows just fine into the netflow:stats table, but I am not able to pull up anything using the flowviewer utility under Cacti.
I have verified that all my paths are correct under Console|Settings|path
and that I am indeed getting flows from my routers.
I feel that I am just a step or 2 away on this...
Thanks
|
| Thu Sep 14, 2006 1:43 pm |
|
|
|
jimmy
Site Admin
Joined: Thu Nov 11, 2004 11:12 am
Posts: 2007
|
netflow:stats table? Not sure what that is for, as the plugin doesn't use it.
Quick question. What path DD-MM-YYYY settings are you using? I found a small error with the plain old / setting that stopped the plugin from working. I fixed it a while back, but haven't pushed out the new version yet.
|
| Fri Sep 15, 2006 12:58 am |
|
|
|
egarnel
User
Joined: Wed Dec 14, 2005 8:27 am
Posts: 87
|
YYYY-MM-DD. I will try another setting
|
| Fri Sep 15, 2006 8:51 am |
|
|
|
jimmy
Site Admin
Joined: Thu Nov 11, 2004 11:12 am
Posts: 2007
|
egarnel wrote: YYYY-MM-DD. I will try another setting Its not necessary to try another setting, since that one doesn't have any issues (its the "/" one that has issues). Is your flow-capture program actually exporting to that directory structure? An example of what your structure is currently like would be great. For instance I use that same setting on mine, so todays flows can be found in
/var/netflow/flow/2006-09-15/
Flow path: /var/netflow/flow
Path Setting: YYYY-MM-DD
|
| Fri Sep 15, 2006 9:35 am |
|
|
|
egarnel
User
Joined: Wed Dec 14, 2005 8:27 am
Posts: 87
|
Hmm.... mine looks different
Code: flows]# l
total 360
-rw-r--r-- 1 root root 112 Jun 9 09:19 tmp-v05.2006-06-09.091901-0500
-rw-r--r-- 1 root root 112 Sep 8 09:24 tmp-v05.2006-09-08.092401-0500
-rw-r--r-- 1 root root 112 Sep 14 13:21 tmp-v05.2006-09-14.132101-0500
-rw-r--r-- 1 root root 112 Sep 18 08:33 tmp-v05.2006-09-18.083301-0500
drwxr-xr-x 3 apache apache 4096 Sep 18 08:33 ..
drwxr-xr-x 2 apache apache 323584 Sep 18 08:34 completed
-rw-r--r-- 1 root root 112 Sep 18 08:34 tmp-v05.2006-09-18.083410-0500
drwxr-xr-x 3 apache apache 4096 Sep 18 08:34 .
ps -ef|grep flow
root 5811 1 0 08:34 ? 00:00:00 /usr/bin/flow-capture -w /var/netflow/flows 0/172.20.1.204/2055 -S5 -V5 -E10G -n 1439 -N 0
and the stats are entered into the netflow database. I can view the data via mysql prompt or thru webmin, just not cacti
|
| Mon Sep 18, 2006 8:41 am |
|
|
|
jimmy
Site Admin
Joined: Thu Nov 11, 2004 11:12 am
Posts: 2007
|
What is in the completed directory?
Also, I assume your using CactiEZ, as that is the basic setup of it, with the script to push it to mysql.
|
| Mon Sep 18, 2006 6:46 pm |
|
|
|
egarnel
User
Joined: Wed Dec 14, 2005 8:27 am
Posts: 87
|
Yes, I am using CactiEZ
many flow entries:
rw-r--r-- 1 root root 120 Sep 19 09:58 ft-v05.2006-09-19.095701-0500
-rw-r--r-- 1 root root 120 Sep 19 09:59 ft-v05.2006-09-19.095801-0500
-rw-r--r-- 1 root root 120 Sep 19 10:00 ft-v05.2006-09-19.095901-0500
-rw-r--r-- 1 root root 1853 Sep 19 10:02 ft-v05.2006-09-19.100102-0500
Quote: flow-print < ft-v05.2006-09-19.100102-0500
srcIP dstIP prot srcPort dstPort octets packets
198.214.235.12 159.53.46.141 6 80 43965 4575 7
198.214.235.12 159.53.46.141 6 80 43964 4575 7
198.214.235.20 195.219.3.167 17 505 53 151 2
198.214.235.20 207.138.126.45 17 505 53 151 2
198.214.235.20 63.215.198.95 17 505 53 195 2
198.214.235.20 207.138.126.43 17 505 53 151 2
198.214.235.12 159.53.46.141 6 80 44588 4575 7
198.214.235.12 159.53.46.141 6 80 44589 4575 7
198.214.235.12 159.53.46.141 6 80 45190 4575 7
198.214.235.12 159.53.46.141 6 80 45191 4575 7
198.144.202.250 198.214.234.4 17 123 123 76 1
66.111.103.100 198.214.235.102 17 1048 53 73 1
66.111.103.100 198.214.235.102 17 1036 53 73 1
172.20.1.22 172.20.1.1 17 123 123 76 1
64.86.94.10 198.214.235.31 6 80 1054 12770 10
64.86.94.10 198.214.235.31 6 80 1058 805 2
159.53.46.141 198.214.235.12 6 45190 80 906 8
159.53.46.141 198.214.235.12 6 45191 80 801 6
211.21.121.49 198.214.233.140 6 3503 445 48 1
198.214.235.26 224.0.0.18 112 0 0 9464 169
198.214.235.26 198.214.235.1 1 0 2048 420 5
|
| Tue Sep 19, 2006 10:04 am |
|
|
|
jimmy
Site Admin
Joined: Thu Nov 11, 2004 11:12 am
Posts: 2007
|
Redownload the plugin, and re-install, since as I stated above, there is a bug when using the / directory setting, which is what you should be using.
Then use these settings
Flows Directory
/var/netflow/flow/completed
Flows Directory Structure
/
Also make sure your Flow Tools Binary Path and Flow Tools Work Directory are correct.
|
| Tue Sep 19, 2006 7:44 pm |
|
|
|
egarnel
User
Joined: Wed Dec 14, 2005 8:27 am
Posts: 87
|
wooohoo! that did the trick!
thanks for all your help
|
| Wed Sep 20, 2006 11:39 am |
|
|
|
klr0514
New User
Joined: Wed Apr 05, 2006 1:04 pm
Posts: 17
|
I hate to open an old thread, but I am having a similar issue. This is a Linux based system, I can see the flows
(directory is /var/netflow/flows/YYYY/YYYY-MM/YYYY-MM-DD)
But I cannot see anything under the flow-viewer.
Binary path: /usr/bin/
Working Diretcory: /tmp/
Flows Directory: /var/netflow/flows
Directory Structure: / (although I did try the above format too).
Any ideas? I just download the plugin this week.
I did notice that the plugin_flowview_dnscache is empty in mysql...
|
| Fri Jan 26, 2007 10:31 am |
|
|
|
klr0514
New User
Joined: Wed Apr 05, 2006 1:04 pm
Posts: 17
|
what is this script to push the data into the mysql database? I did not use the CactiEZ cd, I just installed the plug in to an existing setup.
|
| Fri Jan 26, 2007 2:33 pm |
|
|
|
jimmy
Site Admin
Joined: Thu Nov 11, 2004 11:12 am
Posts: 2007
|
The MySQL part isn't necessary for the plugin. The old CactiEZ would also log it to a DB, so that you can run custom SQL queries on all the data. It was extremely slow, so I dropped it.
This should be your settings.
Binary path: /usr/bin/
Working Diretcory: /tmp/
Flows Directory: /var/netflow/flows/
Directory Structure: YYYY/YYYY-MM/YYYY-MM-DD
You might want to check the time on the router exporting the flows. Flow tools logs the info with the routers date / time (which is different than the directory name's date), so when it goes to the report the internal time is different and not included in the report.
|
| Fri Jan 26, 2007 8:16 pm |
|
|
|
klr0514
New User
Joined: Wed Apr 05, 2006 1:04 pm
Posts: 17
|
Looks like everything is working well now. I forgot I need to also bound the request by dates... Thanks Jimmy!!
|
| Tue Jan 30, 2007 8:11 am |
|
|
|
julien59
New User
Joined: Mon Jun 15, 2009 4:57 am
Posts: 2
|
Re: flowviewer not showing info Hi everybody ! I try to make some tests in order to use flow viewer with Cacti but I have no results. I applied these settings : Binary path: /usr/bin/ Working Diretcory: /tmp/ Flows Directory: /var/netflow/flows Directory Structure: YYYY/YYYY-MM/YYYY-MM-DD (this correspond in device option ??) I cheked and my files are in this directory /var/netflow/flows/YYYY/YYYY-MM/YYYY-MM-DD/ If someone has an idea  Thanks.
|
| Mon Jun 15, 2009 5:35 am |
|
|
